It’s Monday, January 19, 2026, and if you’re a Microsoft Office user in India, you’ve got a “high-priority” homework assignment from the government.
The Indian Computer Emergency Response Team (CERT-In) just dropped a major alert. The thing is, your Word, Excel, and PowerPoint files—the stuff you use every single day—could be “booby-trapped.” We’re talking about a memory corruption mess that lets hackers take over your system from across the world. Or nothing. Let’s be real, it sounds like a spy movie, but for millions of office workers, it’s a genuine Monday morning headache.
Also Read | Imran Khan and Bushra Bibi Sentenced to 17 Years in Jail
The CERT-In Alert: Field Notes
It’s an ongoing situation where the hackers aren’t even trying to break your door down; they’re just asking you to “preview” a file.
-
The “Use-After-Free” Glitch: The thing is, the bug (specifically CVE-2026-20952 and CVE-2026-20953) is all about how Office handles memory. A hacker sends a “specially crafted” document, you open it, and—boom—they’re executing code on your machine.
-
The Preview Pane Trap: And here’s the kicker: for some of these flaws (like CVE-2026-20944 in Word), you don’t even have to open the file. Just seeing it in the “Preview Pane” of your email is enough to trigger the exploit. Those too.
-
Remote & Unauthenticated: The thing is, the attacker doesn’t need your password or local access. They just need you to click a link or download an attachment.
-
Zero-Day Drama: While Microsoft has patched these, one related Windows flaw (CVE-2026-20805) was already being exploited in the wild before the fix went live. It’s a mess.
Also Read | Imran Khan and Bushra Bibi Sentenced to 17 Years in Jail
Vulnerability Breakdown: January 2026
| Affected App | Vulnerability Type | Risk Level | The Threat |
| MS Word | Remote Code Execution | Critical | Triggered via “Preview Pane” or opening files. |
| MS Excel | Integer Underflow / RCE | Critical | Malicious spreadsheets can hijack the PC. |
| Office Suite | Use-After-Free | High | Remote attackers gain local control. |
| Windows DWM | Info Disclosure | Important | Already being exploited in the wild. |
And Here’s the Kicker…
Also Read | Imran Khan and Bushra Bibi Sentenced to 17 Years in Jail
The Indian government isn’t just being dramatic. The thing is, Microsoft had to release an out-of-band (OOB) update on January 17 because some of the original patches were causing driver regressions. Or nothing. Basically, the fix for the security flaw was breaking other things, so they had to fix the fix.
How to stay safe right now:
-
Don’t “Preview”: Disable the Preview Pane in Outlook and File Explorer for a few days.
-
Update Manually: Don’t wait for the “Update at 2 AM” prompt. Open Word > File > Account > Update Options > Update Now.
-
The “Stranger Danger” Rule: If you get a resume, invoice, or “urgent report” from someone you don’t know—especially a
.docxor.xlsx—just delete it. Those too.
It’s an ongoing situation where the “patch cycle” is moving fast. The thing is, if you’re running a business, you need to make sure your IT team has pushed the KB5074109 (or equivalent) cumulative update to every machine. Or nothing.
Also Read | Imran Khan and Bushra Bibi Sentenced to 17 Years in Jail
End…
